IAM Engineer
United States of America
Full Time
2 weeks ago
H1B Sponsor Likely
Key skills
Identity GovernanceAdministration (IGA) platformsAuthentication protocols LDAPAuthentication protocols SAMLAuthentication protocols OAuthAuthentication protocols OpenID ConnectAuthentication protocols KerberosPrivileged Access Management (PAM) solutionsActive Directory (AD)Azure AD (Entra ID)SCIMAPI integrationsScripting PowerShellScripting PythonRegulatory compliance SOXRegulatory compliance HIPAARegulatory compliance NISTRegulatory compliance ISO 27001Cloud IAM AWSCloud IAM AzureCloud IAM GCPZero Trust Architecture (ZTA)Security certifications CISSPSecurity certifications CISMSecurity certifications GIACSecurity certifications Microsoft SC-300Security certifications SailPoint Certified EngineerSecurity certifications Okta Certified Professional/AdministratorSecurity certifications CyberArk Defender/GuardianPythonPowerShellAWSAzureGCPVaultIAMAzure ADEntra IDOAuthOktaSAMLLDAPActive DirectoryZero Trust
About this role
Bayview Asset Management is an investment management firm focused on mortgage and consumer credit investments. They are seeking an experienced Identity Access & Management (IAM) Engineer to support their enterprise identity and access management initiatives, focusing on authentication, authorization, provisioning, and privileged access management.
Responsibilities:
- Design, implement, and maintain IGA solutions to automate user provisioning, deprovisioning, and access reviews
- Configure and manage role-based access control (RBAC), attribute-based access control (ABAC), and policy-based access controls
- Develop workflows for user lifecycle management (Joiner-Mover-Leaver)
- Ensure compliance with internal security policies and external regulations
- Enforce security policies related to authentication and access control
- Implement and maintain PAM solutions to secure access to privileged accounts and credentials
- Maintain and optimize IGA platform configurations
- Monitor and troubleshoot identity-related incidents and service requests
- Work with cross-functional teams to implement IAM best practices
- Provide technical guidance on IAM strategies and solutions
Requirements:
- Hands-on experience with IGA platforms (e.g., SailPoint IdentityNow/IdentityIQ, Saviynt, Okta Identity Governance, Microsoft Entra ID Governance, One Identity, etc.)
- Strong knowledge of authentication protocols and technologies (LDAP, SAML, OAuth, OpenID Connect, Kerberos)
- Experience with PAM solutions (e.g., CyberArk, BeyondTrust, HashiCorp Vault, Thycotic/Delinea)
- Familiarity with Active Directory (AD), Azure AD (Entra ID), SCIM, and API-based integrations
- Scripting skills in PowerShell, Python, or similar languages for automation
- Understanding of regulatory requirements related to IAM (e.g., SOX, HIPAA, NIST, ISO 27001)
- Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience)
- Minimum of 5 years of experience managing Microsoft Exchange Server and Active Directory in a large enterprise environment
- Experience administering Office 365 / Exchange Online environments
- Experience with Cloud IAM (AWS, Azure, GCP)
- Knowledge of Zero Trust Architecture (ZTA) principles
- Relevant certifications: CISSP, CISM, GIAC, Microsoft SC-300, SailPoint Certified Engineer, Okta Certified Professional/Administrator, CyberArk Defender/Guardian, etc